T

AI Security Auditor – Enterprise AI & Agentic Systems

Tata Consultancy Services · Kochi, Kerala, India

5–12 yrs experienceRemotefull_timePosted 1w ago
Apply now →

Job description

**AI Security Auditor – Enterprise AI & Agentic Systems** **Greetings from TCS!** ! **!** **Walk in Drive planned on 4th July 2026 in TCS Kochi.** TCS has been a great pioneer in feeding the fire of young Techies like you. We are a global leader in the technology arena and there’s nothing that can stop us from growing together. Your role is of key importance, as it lays down the foundation for the entire project. Make sure you have a valid EP number before interview. To create an EP Number, please visit https://ibegin.tcs.com/iBegin/register Kindly complete the registration if you have not done it yet. Position: **AI Security Auditor – Enterprise AI & Agentic Systems** Exp **erience: 8 to 15 years** L **ocation: Kochi** **JOB DESCRIPTIO** N **Role: AI Security Auditor – Enterprise AI & Agentic Systems** **Required Information** **Details** 1 **Role\\*** AI Security Auditor – Enterprise AI & Agentic Systems **2 Required Technical Skill Name\\*** AI Security, Security Audits, Risk Assessment, Threat Modeling, AI Red Teaming, LLM Security, Agentic AI Security, Responsible AI, Data Privacy, Cloud Security **4 Desired Experience Range\\*** 8–15 Years **5 Location of Requirement \\*** Kochi, India **Desired Competencies (Technical/Behavioral Competency)** **Must-Have** **1. AI Security Audits & Risk Assessment** - Conduct end-to-end security audits of AI systems, including: - LLM-based applications - Agentic AI systems - RAG pipelines and AI workflows - Identify vulnerabilities such as: - Prompt injection - Data leakage - Model manipulation - Unauthorized access **2. AI Threat Modeling** - Develop and execute threat models for AI systems - Analyze risks across: - Model layer (LLM risks) - Data layer (training + inference data) - Orchestration layer (agents, tools, APIs) - Evaluate attack vectors specific to AI systems **3. Security Testing & Validation** - Perform: - Prompt testing and adversarial testing - Red teaming exercises for AI systems - Agent behavior validation (tool usage, autonomy limits) - Validate: - Hallucination risks - Bias and unsafe outputs - Misaligned responses **4. Governance, Compliance & Responsible AI** - Ensure adherence to: - Enterprise security policies - Data privacy standards - AI governance frameworks - Assess compliance with: - Regulatory requirements - Internal audit standards - Establish audit trails and explainability mechanisms **5. Data Security & Privacy Assurance** - Evaluate handling of: - PII and sensitive enterprise data - Training and inference data flows - Validate: - Data masking and anonymization - Secure data access controls - Ensure privacy-by-design principles are implemented **6. AI System Observability & Monitoring** - Audit logging mechanisms for: - Prompts - Responses - Agent actions - Ensure traceability of: - Decision flows - Tool invocations - Recommend improvements in monitoring and alerting **7. Security Architecture Review** - Review AI architecture for: - Secure API integration - Identity and access management - Secure agent orchestration - Validate secure deployment patterns across cloud platforms **8. Incident Analysis & Risk Mitigation** - Investigate AI-related security incidents - Conduct root cause analysis for: - Data leaks - Incorrect or unsafe AI responses - Define mitigation strategies and preventive controls **9. Collaboration & Advisory** - Work closely with: - AI Architects - Platform Engineering teams - Security and Compliance teams - Provide recommendations for: - Secure AI design - Governance frameworks - Support audits, certifications, and regulatory reviews **Required Skills & Expertise** **Core Security Skills** - Strong foundation in: - Application security - Cloud security - API security - Experience in: - Security audits and risk assessments - Threat modeling frameworks **AI / GenAI Security Skills** - Understanding of: - LLM vulnerabilities (prompt injection, jailbreaks) - Agentic AI risks (tool misuse, autonomy risks) - Experience in: - AI red teaming and adversarial testing - AI output validation and evaluation **Technical Skills** - Programming: - Python (preferred) - Familiarity with: - LLM frameworks (LangChain, LangGraph, etc.) - APIs and microservices architectures - Knowledge of: - Vector databases, knowledge graphs - Cloud platforms (Azure / AWS / GCP) **Governance & Compliance** - Understanding of: - Responsible AI frameworks - Data protection regulations - Experience in: - Audit processes and compliance validation - Security standards and frameworks **Responsibility / Expectations** 1 Conduct end-to-end security audits of AI systems, including **LLM-based applications, Agentic AI systems, RAG pipelines, and AI workflows** . 2 Identify vulnerabilities such as **prompt injection, data leakage, model manipulation, and unauthorized access** . 3 Develop and execute threat models for AI systems across **model layer, data layer, orchestration layer, agents, tools, and APIs** . 4 Evaluate attack vectors specific to AI systems and recommend security controls. 5 Perform **prompt testing, adversarial testing, red teaming exercises, and agent behavior validation** . 6 Validate **tool usage, autonomy limits, hallucination risks, bias, unsafe outputs, and misaligned responses** . 7 Ensure adherence to **enterprise security policies, data privacy standards, AI governance frameworks, regulatory requirements, and internal audit standards** . 8 Establish and validate **audit trails, explainability mechanisms, and Responsible AI controls** . 9 Evaluate handling of **PII, sensitive enterprise data, training data, and inference data flows** . 10 Validate **data masking, anonymization, secure data access controls, and privacy-by-design principles** . 11 Audit logging mechanisms for **prompts, responses, and agent actions** . 12 Ensure traceability of **decision flows and tool invocations** , and recommend improvements in monitoring and alerting. 13 Review AI archi